Vulners
Lucene search
Apache HTTP Server 'mod_proxy'反向代理信息泄露漏洞
| Reporter | Title | Published | Views | Family All 182 |
|---|---|---|---|---|
 | Security fix for the ALT Linux 8 package apache2 version 2.2.21-alt2 | 19 Nov 201100:00 | – | altlinux |
| Security fix for the ALT Linux 9 package apache2 version 2.2.22-alt1 | 2 Feb 201200:00 | – | altlinux |
| Security fix for the ALT Linux 10 package apache2 version 2.2.21-alt2 | 19 Nov 201100:00 | – | altlinux |
| Security fix for the ALT Linux 9 package apache2 version 2.2.21-alt2 | 19 Nov 201100:00 | – | altlinux |
| Security fix for the ALT Linux 8 package apache2 version 2.2.22-alt1 | 2 Feb 201200:00 | – | altlinux |
| Security fix for the ALT Linux 10 package apache2 version 2.2.22-alt1 | 2 Feb 201200:00 | – | altlinux |
 | Apache mod_proxy Reverse Proxy Exposure Vulnerability PoC | 10 Oct 201100:00 | – | zdt |
 | Exploit for CVE-2007-6750 | 27 Jul 202503:38 | – | gitee |
 | Apache 2.2 < 2.2.22 Multiple Vulnerabilities | 6 Feb 201200:00 | – | nessus |
| Mac OS X 10.7 < 10.7.5 Multiple Vulnerabilities | 21 Sep 201200:00 | – | nessus |
10
如如下的配置:
RewriteRule (.*)\.(jpg|gif|png) http://images.example.com$1.$2 [P]
ProxyPassMatch (.*)\.(jpg|gif|png) http://images.example.com$1.$2
可导致泄露内部服务器信息,如下形式的请求:
GET @other.example.com/something.png HTTP/1.1
会转译成如下的目标请求
http://images.example.com () other example com/something.png
这会导致代理连接"other.example.com",因为当解析URL时"images.example.com@"段会作为用户验证凭据使用。
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
08 Oct 2011 00:00Current
8.9High risk
Vulners AI Score8.9
EPSS0.76893